From: Dave Crocker <dcrocker@brandenburg.com>
Date: Sun, 4 Feb 1996 01:56:42 +0800
To: Nathaniel Borenstein <nsb@nsb.fv.com>
Subject: Don't type your yes/fraud response into your computer
Message-ID: <v03004a07ad394d54df7f@[205.214.160.52]>
MIME-Version: 1.0
Content-Type: text/plain


(I sent this separately to the www-buyinfo list and now decided that
cypherpunks might also be an interesting -- or even better -- venue for
raising the question.  Sorry for the duplicates if you get them.  d/)

If this has shown up in one or another of the discussion threads already, I
apologize for missing it.

	In thinking about the nature of the credit card keyboard attack, it
occurs to me that the confirmation message sent from First Virtual back to
the (purported) purchases is, itself, pretty distinctive.  It makes me
wonder whether an attack of the style used to detect credit card typing on
the keyboard could not also be used to detect the arrival of the FV
confirmation query and then, of course, to automatically generate a 'yes'
response back to FV?

	At base, the moral to the story is that a compromised user machine
permits essentially any and all activities to be suborned.  Only a smart
card mechanism stands a chance of standing up to this, but that, in effect,
makes the smart card the 'user machine'.

d/

--------------------
Dave Crocker                                                +1 408 246 8253
Brandenburg Consulting                                 fax: +1 408 249 6205
675 Spruce Dr.                                     dcrocker@brandenburg.com
Sunnyvale CA 94086 USA                           http://www.brandenburg.com

Internet Mail Consortium                   http://www.imc.org, info@imc.org